Security in PTERI starts with strict separation of responsibilities.
Every component has a narrow role. No component is trusted with more than it absolutely needs.
The user device is the only place where authority exists.
It holds:
Private keys
Seed phrase
Biometric enforcement
Cryptographic signing
These elements never leave the device.
The device is treated as a hard trust boundary.
If the device cannot be compromised, authority cannot be stolen.
Kakr infrastructure is verification-only.
It handles:
Verification APIs
Blockchain indexing
Rate limiting
Observability and monitoring
It does not hold:
Seed phrases
Biometrics
Signing capability
Kakr infrastructure can observe and verify, but it cannot impersonate, recover, or override users.
Kakr never stores secrets. Not by policy — by design.
Last updated 4 days ago
Was this helpful?
